In numerous embedded systems as well as many security tokens, such as smart cards (e.g., Subscriber Identity Module (SIM) cards in cell phones, subscriber cards for set top boxes, etc.) or Universal Serial Bus (USB) keys, software can be remotely downloaded to devices already installed in the field. The purpose of such downloads can be to update existing embedded software or to add or modify device functionality. As such, new software and/or other content can be downloaded to memory within a target device through an interface device, or other standard device communication interface.
During transmission of the downloaded software to the target device, the software may be exposed to a potential eavesdropper. To prevent eavesdropping, the downloaded software can be encrypted before it is transmitted to the device and then decrypted inside the device at reception. The decryption occurs before the software is stored in memory. Thus, the downloaded software is fully decrypted when stored in the memory and accessible to be executed on demand at a later time. While the encryption can protect the downloaded software from eavesdropping during the transmission, malicious software embedded in the target device can wait until the software is decrypted and stored in the memory before launching a Trojan horse or memory dump attack. Thus, the downloaded software is still vulnerable to attack, despite the pre-transmission encryption.